author | Florian Dold <florian@dold.me> | 2021-10-19 13:20:03 +0200 |
---|---|---|
committer | Florian Dold <florian@dold.me> | 2021-10-19 13:20:03 +0200 |
commit | f9b3f95b133dd98289ccd165966896fc0af5860d (patch) | |
tree | fa45353a1d3a0eb0f69fa709febae635706b079f /src/util | |
parent | 3a9e7d47e8c0d8b5cc172d48c44afdeed6414429 (diff) | |
Fix account key derivation.
In Ed25519, the secret key is just a seed and not a scalar. It is used
both when hashing the message and used to derive the scalar "d" via
hashing. Only the scalar "d" needs bit-twiddling. Bit-twiddling the
seed doesn't make sense.
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/anastasis_crypto.c | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c index 9231fc1..e122c07 100644 --- a/src/util/anastasis_crypto.c +++ b/src/util/anastasis_crypto.c @@ -240,11 +240,6 @@ ANASTASIS_CRYPTO_account_private_key_derive ( GNUNET_break (0); return; } - /* go from ver_secret to proper private key (eddsa_d_to_a() in spec) */ - - priv_key->priv.d[0] &= 0xf8; - priv_key->priv.d[31] &= 0x7f; - priv_key->priv.d[31] |= 0x40; } |
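Review bot: Dropping the three masking lines on priv_key->priv.d[0] and priv_key->priv.d[31] at the end of ANASTASIS_CRYPTO_account_private_key_derive changes the derived key bytes for the same input in most cases, and nothing in the patch addresses accounts whose keys were derived with the old code; please state whether existing deployments are affected or add a compatibility note. The removed comment pointed at eddsa_d_to_a() in the spec, so the spec text describing this step should be updated alongside this change. Consider leaving a one-line comment in place of the removed block saying that priv.d is an Ed25519 seed and is intentionally not clamped, so the masking is not reintroduced later.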